Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Backdoor.Tidserv!inf, Firewall Disabled, No Internet [Solved]


  • This topic is locked This topic is locked

#16
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
i typed r for repair i didn't get prompt for an administrator password i just got

Microsoft Windows XP™ Recovery Console.
The Recovery Console provides system repair and recovery functionality.
Type Exit to quit the Recovery Console and restart the computer.

C:\>
  • 0

Advertisements


#17
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
I'm going under the assumption that you are attempting to replace the file in the Recovery Console?

If not, then please go ahead and please try these instructions:

This should hopefully allow you to copy the file successfully.

Please Note: You will need your Windows XP disc to perform the next set of instructions below.


NOTE:

If you have any questions while being in the Recovery Console please STOP and ask me for clarification before you continue.

Insert the Windows XP CD into your computer and then restart your computer.
Press 'R' to enter the Recovery Console.

The Recovery Console will start and ask you which Windows installation you would like to log on to. If you have multiple Windows installations, it will list each one, and you would enter the number associated with the installation you would like to work on and press enter. If you have just one Windows installation, type 1 and press enter.

You will need to enter the administrator password. If a password was not set then leave the password field blank and press Enter.

From the Command Prompt please type the following lines, one at a time, hit the Enter key after each line.


set allowallpaths = true


At the next prompt type the following bolded text, and press Enter:
Note: (If your CD drive is not D - change it to the appropriate letter)

expand d:\i386\afd.sy_ c:\afd.sys


At the next prompt type the following bolded text, and press Enter:

copy c:\afd.sys c:\windows\system32\drivers


The command should then show 1 file(s) copied.

At the next prompt type the following bolded text, and press Enter:

exit


Windows will now begin loading. Please see if your now able to connect to the internet.
  • 0

#18
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
i typed this

C:\>set allowallpaths = true

got this

The Set command is currently disabled. The SET command is an optional Recovery Console command that can only be enabled by using the the security Configuration and Analysis snap-in.
  • 0

#19
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Skip that step and go onto the expand command.
  • 0

#20
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
i get " There is no floppy disk or CD in the drive. " i put the XP cd in both drives

i have two drives d: and e: and did the expand replacing the letters appropriately
  • 0

#21
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Press Start->Run, copy/paste the following command into the box and press OK:
cmd /c dir C:\*.* /L /A /B /S|Find "afd.sys"  >> "%userprofile%\desktop\look.txt"
A file called look.txt should appear on your Desktop. Please post the contents of this file.
  • 0

#22
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
c:\windows\$hf_mig$\kb951748\sp2qfe\afd.sys
c:\windows\$hf_mig$\kb951748\sp3gdr\afd.sys
c:\windows\$hf_mig$\kb951748\sp3qfe\afd.sys
c:\windows\$hf_mig$\kb956803\sp2qfe\afd.sys
c:\windows\$hf_mig$\kb956803\sp3gdr\afd.sys
c:\windows\$hf_mig$\kb956803\sp3qfe\afd.sys
c:\windows\$ntservicepackuninstall$\afd.sys
c:\windows\$ntservicepackuninstall$\afd.sys.000
c:\windows\$ntuninstallkb951748$\afd.sys
c:\windows\$ntuninstallkb951748_0$\afd.sys
c:\windows\$ntuninstallkb956803$\afd.sys
c:\windows\servicepackfiles\i386\afd.sys
c:\windows\softwaredistribution\download\dd9ab5193501484cf5e6884fa1d22f9e\afd.sys
c:\windows\system32\dllcache\afd.sys
  • 0

#23
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

Lets see if your internet connection works after doing the following.

ComboFix Script
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

KillAll::
FCopy::
c:\windows\servicepackfiles\i386\afd.sys | c:\windows\system32\drivers\afd.sys

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. If ComboFix prompts you to update to the newest version, please allow it to do so. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Edited by SweetTech, 13 June 2010 - 01:45 PM.

  • 0

#24
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
i always get this error when i run this

"You do not appear to be connected to the internet. Kindly connect before clicking 'OK' "

then i click OK and this error comes up

"Failed to download required files. Aborting... Shall continue scanning for malware


ComboFix 10-06-12.04 - Valued Customer 06/13/2010 15:53:53.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.186 [GMT -4:00]
Running from: c:\documents and settings\Valued Customer\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Valued Customer\Desktop\CFScript.txt
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton AntiVirus *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\servicepackfiles\i386\afd.sys --> c:\windows\system32\drivers\afd.sys
.
((((((((((((((((((((((((( Files Created from 2010-05-13 to 2010-06-13 )))))))))))))))))))))))))))))))
.

2010-06-13 19:53 . 2008-04-13 19:19 138112 -c--a-w- c:\windows\system32\dllcache\afd.sys
2010-06-13 19:53 . 2008-04-13 19:19 138112 ----a-w- c:\windows\system32\drivers\afd.sys
2010-06-13 15:45 . 2010-06-13 15:45 -------- d-----w- C:\_OTL
2010-06-13 15:17 . 2010-06-13 15:17 388096 ----a-r- c:\documents and settings\Valued Customer\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-13 01:08 . 2010-06-13 01:09 -------- d-----w- c:\program files\ERUNT
2010-06-11 04:39 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 04:39 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-11 04:39 . 2010-06-11 04:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 00:37 . 2010-06-11 01:06 -------- d-----w- C:\ERDNT
2010-06-10 03:40 . 2010-06-10 03:40 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Malwarebytes
2010-06-10 03:28 . 2010-06-10 03:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-10 02:48 . 2010-06-10 02:48 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-06-10 02:20 . 2010-06-10 02:20 -------- d-----w- c:\windows\system32\scripting
2010-06-10 02:19 . 2010-06-10 02:20 -------- d-----w- c:\windows\l2schemas
2010-06-10 02:19 . 2010-06-10 02:19 -------- d-----w- c:\windows\system32\en
2010-06-10 01:38 . 2010-06-10 01:38 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-06-10 01:27 . 2010-06-10 01:27 -------- d-sh--w- c:\documents and settings\Valued Customer\PrivacIE
2010-06-10 01:25 . 2010-06-10 01:25 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-06-10 01:19 . 2010-06-10 01:19 -------- d-sh--w- c:\documents and settings\Valued Customer\IETldCache
2010-06-10 01:03 . 2010-06-10 01:11 -------- dc-h--w- c:\windows\ie8
2010-06-09 00:34 . 2010-06-09 00:34 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-06-08 22:41 . 2010-06-11 02:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-08 22:41 . 2010-06-08 23:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-08 22:36 . 2010-06-08 22:36 -------- d-----w- c:\program files\CCleaner
2010-06-08 22:03 . 2010-06-08 22:03 -------- d-----w- c:\program files\Trend Micro
2010-06-08 02:18 . 2010-06-08 02:18 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-08 00:55 . 2010-06-08 00:55 -------- d-----w- c:\documents and settings\Valued Customer\Local Settings\Application Data\Threat Expert
2010-06-07 19:42 . 2010-06-12 03:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 10:25 . 2005-09-02 11:46 -------- d-----w- c:\program files\Google
2010-06-10 02:26 . 2003-02-07 02:06 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-06-08 23:13 . 2003-02-07 03:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-06-08 23:13 . 2003-02-07 03:33 -------- d-----w- c:\program files\Common Files\AOL
2010-06-08 23:12 . 2005-07-16 22:12 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Aim
2010-06-08 23:01 . 2010-03-15 01:37 -------- d-----w- c:\program files\Microsoft
2010-06-08 22:59 . 2003-02-07 02:42 -------- d-----w- c:\program files\Real
2010-06-08 22:58 . 2003-02-07 02:42 -------- d-----w- c:\program files\Common Files\Real
2010-06-06 15:54 . 2003-02-07 03:35 -------- d-----w- c:\program files\QuickTime
2010-06-06 15:21 . 2009-09-16 22:26 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Skype
2010-06-06 14:06 . 2009-09-16 22:30 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\skypePM
2010-06-05 17:40 . 2008-07-27 20:14 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\ZoomBrowser EX
2010-06-05 17:09 . 2008-07-27 20:12 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\CameraWindowDC
2010-06-05 14:07 . 2005-04-25 22:37 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\MSN6
2010-06-02 21:50 . 2003-02-07 03:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-05-17 00:11 . 2009-12-16 02:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-05-14 22:53 . 2003-02-07 03:37 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-12 17:39 . 2009-12-16 02:08 1808752 ----a-w- c:\documents and settings\All Users\Application Data\Norton\NUA.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/25/2008 9:47 PM 149352]
S2 gupdate1c99060f4e0d8ea;Google Update Service (gupdate1c99060f4e0d8ea);c:\program files\Google\Update\GoogleUpdate.exe [2/16/2009 2:04 PM 133104]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [1/12/2008 10:32 PM 23888]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [9/16/2009 6:08 PM 30560]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 8:04 PM 24652]
.
Contents of the 'Scheduled Tasks' folder

2010-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 18:03]

2010-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 18:03]

2009-09-16 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
- c:\program files\Microsoft LifeCam\LifeExp.exe [2009-03-17 18:24]

2010-06-12 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Valued Customer.job
- c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
FF - ProfilePath - c:\documents and settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\5l8w9y67.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr
ef", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-13 16:03
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3796)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Completion time: 2010-06-13 16:05:37 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-13 20:05
ComboFix2.txt 2010-06-13 17:47
ComboFix3.txt 2010-06-13 16:49

Pre-Run: 139,559,641,088 bytes free
Post-Run: 139,543,662,592 bytes free

- - End Of File - - E2C322FF6FC96B497B2A25111CED017F
  • 0

#25
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Are you still unable to connect to the internet?
  • 0

Advertisements


#26
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Still Can't Connect
  • 0

#27
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Running TDSSKiller


Please Note: If you have a previous version of TDSSKiller downloaded please delete it now and download a fresh copy using the links provided below.


Download TDSSKiller from one of the links below:

Zipped Version or Executable (Not Zipped) Version


Note: If you download the TDSSKiller.zip version you will first need to unzip (extract) the file to your computer before running it.


Please ensure that you save the TDSSKiller file to you desktop.


If TDSSKiller asks you to close all programs please allow it to do so.


If you see the following:
To finalize removal of infection and avoid loosing of data program will reboot your PC now.
Close all programs and choose Y to restart or N to continue.


Please enter Y and allow TDSSKiller to reboot your computer.


Once completed it will create a log in your C:\ drive. An example of a log file is: C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.


Please post the content of the TDSSKiller log.



NEXT:



Open notepad by going to START > RUN and type notepad.exe in the box that appears. In the window that pops up please copy and paste the following:

@echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1

In Notepad click on the "File" menu > Save As... Under "File name" type fix.bat and Change "Save as type" to All Files, save it to a place you will remember.

Posted Image

Double click on fix.bat
  • 0

#28
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
16:24:26:671 2108 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
16:24:26:671 2108 ================================================================================
16:24:26:671 2108 SystemInfo:

16:24:26:671 2108 OS Version: 5.1.2600 ServicePack: 3.0
16:24:26:687 2108 Product type: Workstation
16:24:26:687 2108 ComputerName: YOUR-W7NFSBJPH3
16:24:26:687 2108 UserName: Valued Customer
16:24:26:687 2108 Windows directory: C:\WINDOWS
16:24:26:687 2108 Processor architecture: Intel x86
16:24:26:687 2108 Number of processors: 1
16:24:26:687 2108 Page size: 0x1000
16:24:26:687 2108 Boot type: Normal boot
16:24:26:687 2108 ================================================================================
16:24:26:921 2108 Initialize success
16:24:26:921 2108
16:24:26:921 2108 Scanning Services ...
16:24:27:578 2108 Raw services enum returned 345 services
16:24:27:578 2108
16:24:27:578 2108 Scanning Drivers ...
16:24:28:328 2108 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:24:28:390 2108 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:24:28:531 2108 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:24:28:750 2108 AmdK7 (8fce268cdbdd83b23419d1f35f42c7b1) C:\WINDOWS\system32\DRIVERS\amdk7.sys
16:24:28:953 2108 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:24:29:000 2108 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:24:29:125 2108 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:24:29:203 2108 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:24:29:281 2108 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:24:29:343 2108 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:24:29:390 2108 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:24:29:500 2108 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:24:29:531 2108 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:24:29:578 2108 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:24:29:718 2108 COH_Mon (6186b6b953bdc884f0f379b84b3e3a98) C:\WINDOWS\system32\Drivers\COH_Mon.sys
16:24:29:906 2108 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:24:30:000 2108 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
16:24:30:078 2108 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
16:24:30:171 2108 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:24:30:218 2108 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:24:30:296 2108 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:24:30:421 2108 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
16:24:30:500 2108 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:24:30:562 2108 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:24:30:609 2108 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
16:24:30:656 2108 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:24:30:734 2108 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:24:30:812 2108 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:24:30:875 2108 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:24:30:921 2108 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:24:30:968 2108 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:24:31:093 2108 HSFHWBS2 (128ef741b2293c36810561092b566b1c) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
16:24:31:171 2108 HSF_DP (9a0d0c461ef2b3d80cb7875b4b995e47) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
16:24:31:265 2108 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
16:24:31:406 2108 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:24:31:453 2108 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:24:31:546 2108 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:24:31:625 2108 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:24:31:687 2108 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:24:31:812 2108 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:24:32:375 2108 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:24:32:484 2108 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:24:32:578 2108 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:24:32:609 2108 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:24:32:671 2108 klmd23 (67e1faa88fb397b3d56909d7e04f4dd3) C:\WINDOWS\system32\drivers\klmd.sys
16:24:32:765 2108 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:24:32:796 2108 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
16:24:32:937 2108 mdmxsdk (5110edd87e2508f02b922e83a2487dfc) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:24:32:968 2108 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:24:33:015 2108 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
16:24:33:046 2108 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:24:33:078 2108 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:24:33:171 2108 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:24:33:250 2108 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:24:33:296 2108 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:24:33:375 2108 MSHUSBVideo (066f26efe273125b352e35405d258e85) C:\WINDOWS\system32\Drivers\nx6000.sys
16:24:33:421 2108 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:24:33:468 2108 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:24:33:515 2108 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:24:33:593 2108 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:24:33:656 2108 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:24:33:703 2108 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
16:24:33:812 2108 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:24:33:984 2108 NAVENG (83518e6cc82bdc3c3db0c12d1c9a2275) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100609.022\NAVENG.SYS
16:24:34:062 2108 NAVEX15 (85cf37740fe06c7a2eaa7f6c81f0819c) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100609.022\NAVEX15.SYS
16:24:34:218 2108 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:24:34:296 2108 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:24:34:375 2108 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:24:34:453 2108 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:24:34:515 2108 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:24:34:609 2108 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
16:24:34:718 2108 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:24:34:812 2108 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:24:34:890 2108 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:24:34:984 2108 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:24:35:156 2108 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:24:35:312 2108 nv (71dbdc08df86b80511e72953fa1ad6b0) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:24:35:437 2108 nvax (c940418d48b98359e9ccbad695e5f530) C:\WINDOWS\system32\drivers\nvax.sys
16:24:35:515 2108 NVENET (5155e22da2f2e1ca4023d00f6eb31b5e) C:\WINDOWS\system32\DRIVERS\NVENET.sys
16:24:35:562 2108 nvnforce (b000a8b4946f786a56c7b020620b3a46) C:\WINDOWS\system32\drivers\nvapu.sys
16:24:35:640 2108 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
16:24:35:703 2108 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:24:35:796 2108 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:24:35:875 2108 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
16:24:35:937 2108 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:24:36:031 2108 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:24:36:078 2108 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:24:36:156 2108 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:24:36:234 2108 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:24:36:484 2108 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:24:36:531 2108 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
16:24:36:562 2108 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:24:36:593 2108 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:24:36:828 2108 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:24:36:859 2108 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:24:36:921 2108 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:24:36:968 2108 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:24:37:046 2108 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:24:37:140 2108 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:24:37:234 2108 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
16:24:37:328 2108 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:24:37:390 2108 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:24:37:484 2108 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:24:37:562 2108 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
16:24:37:593 2108 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:24:37:703 2108 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:24:37:906 2108 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
16:24:37:968 2108 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:24:38:015 2108 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:24:38:078 2108 SRTSP (e0e54a571d4323567e95e11fe76a5ff3) C:\WINDOWS\system32\Drivers\SRTSP.SYS
16:24:38:171 2108 SRTSPL (4e44f0e22df824d318988caa6f321c30) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
16:24:38:250 2108 SRTSPX (d3bb40427cf3d02e56bba97feda0a3aa) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
16:24:38:296 2108 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
16:24:38:359 2108 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:24:38:453 2108 SunkFilt (f658d6420b14bedb49c19e39e7d03594) C:\WINDOWS\System32\Drivers\sunkfilt.sys
16:24:38:515 2108 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:24:38:562 2108 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:24:38:687 2108 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\WINDOWS\System32\Drivers\SYMDNS.SYS
16:24:38:781 2108 SymEvent (06b95820df51502099a8a15c93e87986) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
16:24:38:828 2108 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\WINDOWS\System32\Drivers\SYMFW.SYS
16:24:38:859 2108 SYMIDS (23527b9cd4f7b9e31160e98d340e7e85) C:\WINDOWS\System32\Drivers\SYMIDS.SYS
16:24:39:031 2108 SYMIDSCO (d65255d470cd5103cce573cd7b5a88d2) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20100604.001\SymIDSCo.sys
16:24:39:093 2108 SymIM (b54f7959afb4aaf1a8c589b0aa7fde02) C:\WINDOWS\system32\DRIVERS\SymIM.sys
16:24:39:093 2108 SymIMMP (b54f7959afb4aaf1a8c589b0aa7fde02) C:\WINDOWS\system32\DRIVERS\SymIM.sys
16:24:39:125 2108 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
16:24:39:171 2108 SYMNDIS (d605af3a380a83f4a562f1ad3ee19ecd) C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
16:24:39:203 2108 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
16:24:39:250 2108 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
16:24:39:359 2108 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:24:39:453 2108 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:24:39:546 2108 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:24:39:625 2108 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:24:39:671 2108 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:24:39:765 2108 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:24:39:875 2108 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:24:40:000 2108 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:24:40:078 2108 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:24:40:125 2108 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:24:40:156 2108 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:24:40:187 2108 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:24:40:234 2108 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:24:40:296 2108 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:24:40:343 2108 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:24:40:390 2108 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:24:40:421 2108 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:24:40:531 2108 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:24:40:578 2108 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:24:40:703 2108 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:24:40:859 2108 winachsf (ce545a84bf3411e7516fa8da51ad9d93) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:24:40:937 2108 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:24:40:984 2108 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:24:41:062 2108 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:24:41:109 2108 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:24:41:109 2108
16:24:41:109 2108 Completed
16:24:41:109 2108
16:24:41:109 2108 Results:
16:24:41:109 2108 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
16:24:41:109 2108 File objects infected / cured / cured on reboot: 0 / 0 / 0
16:24:41:109 2108
16:24:41:109 2108 KLMD(ARK) unloaded successfully
  • 0

#29
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
I take it your internet is still not working.

You said in your opening post that you deleted a registry key. Do you recall which registry key you ended up removing?
  • 0

#30
headphone69

headphone69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
this is what i deleted from the registry

" C:\Windows\System3\drivers afd.sys
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP